def _create_events(self):
"""Create sample events.
This one's a bit weird. While we could generate event models ourselves,
it seems wiser to test the event machinery as many times as possible.
As a result, we actually create a load of *other* objects, which will
raise signals and trigger the remainder.
"""
# series-created
series = create_series()
# patch-created, patch-completed, series-completed
patch = create_patch(series=series)
# cover-created
create_cover(series=series)
# check-created
create_check(patch=patch)
# patch-delegated, patch-state-changed
actor = create_maintainer(project=patch.project)
user = create_maintainer(project=patch.project)
state = create_state()
patch.delegate = user
patch.state = state
self.assertTrue(patch.is_editable(actor))
patch.save()
return Event.objects.all()
def test_maintainers(self):
project = utils.create_project()
requested_url = reverse('project-detail', kwargs={
'project_id': project.linkname})
response = self.client.get(requested_url)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context['maintainers']), 0)
utils.create_maintainer(project=project)
response = self.client.get(requested_url)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context['maintainers']), 1)
def test_maintainers(self):
project = utils.create_project()
requested_url = reverse('project-detail',
kwargs={'project_id': project.linkname})
response = self.client.get(requested_url)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context['maintainers']), 0)
utils.create_maintainer(project=project)
response = self.client.get(requested_url)
self.assertEqual(response.status_code, 200)
self.assertEqual(len(response.context['maintainers']), 1)
def test_update(self):
"""Ensure updates can be performed by maintainers."""
project = create_project()
patch = create_patch(project=project)
state = create_state()
# anonymous user
resp = self.client.patch(self.api_url(patch.id), {'state': state.name})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
# authenticated user
user = create_user()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(patch.id), {'state': state.name})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
# maintainer
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(patch.id), {
'state': state.name, 'delegate': user.id})
self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
self.assertEqual(Patch.objects.get(id=patch.id).state, state)
self.assertEqual(Patch.objects.get(id=patch.id).delegate, user)
# (who can unset fields too)
# we need to send as JSON due to https://stackoverflow.com/q/30677216/
resp = self.client.patch(self.api_url(patch.id), {'delegate': None},
format='json')
self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
self.assertIsNone(Patch.objects.get(id=patch.id).delegate)
def setUp(self):
super(TestCheckAPI, self).setUp()
self.patch = create_patches()[0]
self.urlbase = reverse('api_1.0:patch-detail', args=[self.patch.id])
self.urlbase += 'checks/'
defaults.project.save()
self.user = create_maintainer(defaults.project)
def test_delegate_change_valid(self):
delegate = create_maintainer(self.project)
self._test_delegate_change(str(delegate.pk))
for patch in [Patch.objects.get(pk=p.pk) for p in self.patches]:
self.assertEqual(patch.delegate, delegate)
def setUp(self):
super(TestCheckAPI, self).setUp()
project = create_project()
self.user = create_maintainer(project)
self.patch = create_patch(project=project)
self.urlbase = reverse('api_1.0:patch-detail', args=[self.patch.id])
self.urlbase += 'checks/'
def test_update(self):
"""Ensure updates can be performed by maintainers."""
project = create_project()
data = {'web_url': 'TEST'}
# an anonymous user
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
# a normal user
user = create_user()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
# a maintainer
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(resp.data['web_url'], 'TEST')
# ...with the exception of some read-only fields
resp = self.client.patch(self.api_url(project.id), {
'link_name': 'test'})
# NOTE(stephenfin): This actually returns HTTP 200 due to
# https://github.com/encode/django-rest-framework/issues/1655
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertNotEqual(resp.data['link_name'], 'test')
def test_update_maintainer(self):
"""Update patch as maintainer.
Ensure updates can be performed by maintainers.
"""
project = create_project()
patch = create_patch(project=project)
state = create_state()
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(patch.id), {
'state': state.slug,
'delegate': user.id
})
self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
self.assertEqual(Patch.objects.get(id=patch.id).state, state)
self.assertEqual(Patch.objects.get(id=patch.id).delegate, user)
# (who can unset fields too)
# we need to send as JSON due to https://stackoverflow.com/q/30677216/
resp = self.client.patch(self.api_url(patch.id), {'delegate': None},
format='json')
self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
self.assertIsNone(Patch.objects.get(id=patch.id).delegate)
def test_update(self):
"""Ensure updates can be performed by maintainers."""
project = create_project()
data = {'web_url': 'TEST'}
# an anonymous user
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
# a normal user
user = create_user()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
# a maintainer
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(resp.data['web_url'], 'TEST')
# ...with the exception of some read-only fields
resp = self.client.patch(self.api_url(project.id),
{'link_name': 'test'})
# NOTE(stephenfin): This actually returns HTTP 200 due to
# https://github.com/encode/django-rest-framework/issues/1655
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertNotEqual(resp.data['link_name'], 'test')
def setUp(self):
defaults.project.save()
self.user = create_maintainer(defaults.project)
self.client.login(username=self.user.username,
password=self.user.username)
self.properties_form_id = 'patchform-properties'
self.url = reverse('patchwork.views.patch.list',
args=[defaults.project.linkname])
self.base_data = {
'action': 'Update',
'project': str(defaults.project.id),
'form': 'patchlistform',
'archived': '*',
'delegate': '*',
'state': '*'
}
self.patches = []
for name in ['patch one', 'patch two', 'patch three']:
patch = Patch(project=defaults.project,
msgid=name,
name=name,
content='',
submitter=Person.objects.get(user=self.user))
patch.save()
self.patches.append(patch)
def test_delegate_change_valid(self):
delegate = create_maintainer(self.project)
self._test_delegate_change(str(delegate.pk))
for patch in [Patch.objects.get(pk=p.pk) for p in self.patches]:
self.assertEqual(patch.delegate, delegate)
def setUp(self):
self.url = self.live_server_url + reverse('xmlrpc')
# url is of the form http://localhost:PORT/PATH
# strip the http and replace it with the username/passwd of a user.
self.project = utils.create_project()
self.user = utils.create_maintainer(self.project)
self.url = ('http://%s:%s@' + self.url[7:]) % (self.user.username,
self.user.username)
self.rpc = xmlrpc_client.Server(self.url)
def test_create(self):
"""Ensure creates aren't allowed"""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), {'category': 'patch-created'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def setUp(self):
self.url = self.live_server_url + reverse('xmlrpc')
# url is of the form http://localhost:PORT/PATH
# strip the http and replace it with the username/passwd of a user.
self.project = utils.create_project()
self.user = utils.create_maintainer(self.project)
self.url = ('http://%s:%s@' + self.url[7:]) % (self.user.username,
self.user.username)
self.rpc = xmlrpc_client.Server(self.url)
def test_delete(self):
"""Ensure deletions are rejected."""
user = create_maintainer(defaults.project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(self.patches[0].id))
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
self.assertEqual(1, Patch.objects.all().count())
def test_update(self):
"""Ensure updates are allowed."""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertSerialized(user, resp.data)
def test_list_authenticated(self):
"""List projects as an authenticated user."""
project = create_project()
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(project, resp.data[0])
def test_update(self):
"""Ensure updates are allowed."""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertSerialized(user, resp.data)
def test_list_authenticated(self):
"""List projects as an authenticated user."""
project = create_project()
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(project, resp.data[0])
def test_create_delete(self):
"""Ensure creations and deletions and not allowed."""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(user.id), {'email': '*****@*****.**'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url(user.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create(self):
"""Ensure creations are rejected."""
project = create_project()
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(
self.api_url(),
{'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_update_readonly_field(self):
"""Update read-only fields."""
project = create_project()
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), {
'link_name': 'test'})
# NOTE(stephenfin): This actually returns HTTP 200 due to
# https://github.com/encode/django-rest-framework/issues/1655
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertNotEqual(resp.data['link_name'], 'test')
def setUp(self):
defaults.project.save()
self.user = create_maintainer(defaults.project)
self.client.login(username=self.user.username,
password=self.user.username)
self.properties_form_id = 'patchform-properties'
self.url = reverse('patch-list', args=[defaults.project.linkname])
self.base_data = {
'action': 'Update', 'project': str(defaults.project.id),
'form': 'patchlistform', 'archived': '*', 'delegate': '*',
'state': '*'}
self.patches = create_patches(3)
def test_delete(self):
"""Ensure deletions are rejected."""
# Even an admin can't remove a project
project = create_project()
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(project.id))
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
self.assertEqual(1, Project.objects.all().count())
def test_delete(self):
"""Ensure deletions are always rejected."""
project = create_project()
patch = create_patch(project=project)
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(patch.id))
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
self.assertEqual(1, Patch.objects.all().count())
def test_create_delete(self):
"""Ensure creations and deletions and not allowed."""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(user.id), {'email': '*****@*****.**'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url(user.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_update_readonly_field(self):
"""Update read-only fields."""
project = create_project()
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id),
{'link_name': 'test'})
# NOTE(stephenfin): This actually returns HTTP 200 due to
# https://github.com/encode/django-rest-framework/issues/1655
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertNotEqual(resp.data['link_name'], 'test')
def test_update_invalid(self):
"""Ensure we handle invalid Patch states."""
project = create_project()
state = create_state()
patch = create_patch(project=project, state=state)
user = create_maintainer(project)
# invalid state
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(patch.id), {'state': 'foobar'})
self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code)
self.assertContains(resp, 'Expected one of: %s.' % state.name,
status_code=status.HTTP_400_BAD_REQUEST)
def test_update_maintainer(self):
"""Update project as maintainer.
Ensure updates can only be performed by maintainers.
"""
project = create_project()
data = {'web_url': 'https://example.com/test'}
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(resp.data['web_url'], 'https://example.com/test')
def test_update_maintainer(self):
"""Update project as maintainer.
Ensure updates can only be performed by maintainers.
"""
project = create_project()
data = {'web_url': 'https://example.com/test'}
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id), data)
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(resp.data['web_url'], 'https://example.com/test')
def test_update_invalid(self):
"""Ensure we handle invalid Patch states."""
project = create_project()
state = create_state()
patch = create_patch(project=project, state=state)
user = create_maintainer(project)
# invalid state
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(patch.id), {'state': 'foobar'})
self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code)
self.assertContains(resp, 'Expected one of: %s.' % state.name,
status_code=status.HTTP_400_BAD_REQUEST)
def test_readonly(self):
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(1))
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
resp = self.client.patch(self.api_url(1), {'email': '*****@*****.**'})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
resp = self.client.post(self.api_url(), {'email': '*****@*****.**'})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_create_update_delete(self):
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), {'name': 'test series'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.patch(self.api_url(), {'name': 'test series'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url())
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create_update_delete(self):
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), {'name': 'test series'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.patch(self.api_url(), {'name': 'test series'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url())
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_update_maintainer_version_1_0(self):
"""Update patch as maintainer on v1.1."""
project = create_project()
patch = create_patch(project=project)
state = create_state()
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(patch.id, version="1.1"), {
'state': state.slug,
'delegate': user.id
})
self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
self.assertEqual(Patch.objects.get(id=patch.id).state, state)
self.assertEqual(Patch.objects.get(id=patch.id).delegate, user)
def test_update(self):
"""Ensure updates can be performed maintainers."""
# A maintainer can update
user = create_maintainer(defaults.project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(self.patches[0].id),
{'state': 2})
self.assertEqual(status.HTTP_200_OK, resp.status_code)
# A normal user can't
user = create_user()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(self.patches[0].id),
{'state': 2})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_delete(self):
"""Ensure deletions are always rejected."""
project = create_project()
patch = create_patch(project=project)
# anonymous user
resp = self.client.delete(self.api_url(patch.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
# superuser
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(patch.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create(self):
"""Ensure creations are rejected."""
project = create_project()
data = {'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'}
# an anonymous user
resp = self.client.post(self.api_url(), data)
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
# a superuser
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), data)
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_delete(self):
"""Ensure deletions are always rejected."""
project = create_project()
patch = create_patch(project=project)
# anonymous user
resp = self.client.delete(self.api_url(patch.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
# superuser
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(patch.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_delete(self):
"""Ensure deletions are rejected."""
project = create_project()
# an anonymous user
resp = self.client.delete(self.api_url(project.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
# a super user
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(project.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
self.assertEqual(1, Project.objects.all().count())
def test_delete(self):
"""Ensure deletions are rejected."""
project = create_project()
# an anonymous user
resp = self.client.delete(self.api_url(project.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
# a super user
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.delete(self.api_url(project.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
self.assertEqual(1, Project.objects.all().count())
def test_create(self):
"""Ensure creations are rejected."""
project = create_project()
data = {'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'}
# an anonymous user
resp = self.client.post(self.api_url(), data)
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
# a superuser
user = create_maintainer(project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), data)
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create_update_delete_version_1_1(self):
"""Ensure creates, updates and deletes aren't allowed with old API."""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(version='1.1'), {'name': 'test'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.patch(self.api_url(1, version='1.1'),
{'name': 'test'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url(1, version='1.1'))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create_update_delete(self):
"""Ensure creates, updates and deletes aren't allowed"""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), {'name': 'Test'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
series = create_series()
resp = self.client.patch(self.api_url(series.id), {'name': 'Test'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url(series.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_list(self):
"""Validate we can list the default test project."""
project = create_project()
# anonymous user
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(project, resp.data[0])
# maintainer
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(project, resp.data[0])
def setUp(self):
self.project = create_project()
self.user = create_maintainer(self.project)
self.patches = create_patches(3, project=self.project)
self.client.login(username=self.user.username,
password=self.user.username)
self.url = reverse('patch-list', args=[self.project.linkname])
self.base_data = {
'action': 'Update',
'project': str(self.project.id),
'form': 'patchlistform',
'archived': '*',
'delegate': '*',
'state': '*'
}
def test_update(self):
"""Ensure updates can be performed maintainers."""
project = create_project()
# A maintainer can update
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id),
{'linkname': 'TEST'})
self.assertEqual(status.HTTP_200_OK, resp.status_code)
# A normal user can't
user = create_user()
self.client.force_authenticate(user=user)
resp = self.client.patch(self.api_url(project.id),
{'linkname': 'TEST'})
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_create_update_delete(self):
"""Ensure creates, updates and deletes aren't allowed"""
user = create_maintainer()
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), {'name': 'Test'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
series = create_series()
resp = self.client.patch(self.api_url(series.id), {'name': 'Test'})
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
resp = self.client.delete(self.api_url(series.id))
self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def setUp(self):
self.project = create_project()
self.user = create_maintainer(self.project)
self.patches = create_patches(3, project=self.project)
self.client.login(username=self.user.username,
password=self.user.username)
self.url = reverse('patch-list', args=[self.project.linkname])
self.base_data = {
'action': 'Update',
'project': str(self.project.id),
'form': 'patchlistform',
'archived': '*',
'delegate': '*',
'state': '*'
}
def test_update_invalid_delegate(self):
"""Update patch with invalid fields.
Ensure we handle invalid Patch updates.
"""
project = create_project()
state = create_state()
patch = create_patch(project=project, state=state)
user_a = create_maintainer(project)
user_b = create_user()
self.client.force_authenticate(user=user_a)
resp = self.client.patch(self.api_url(patch.id),
{'delegate': user_b.id})
self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code)
self.assertContains(resp, "User '%s' is not a maintainer" % user_b,
status_code=status.HTTP_400_BAD_REQUEST)
def test_update_invalid_delegate(self):
"""Update patch with invalid fields.
Ensure we handle invalid Patch updates.
"""
project = create_project()
state = create_state()
patch = create_patch(project=project, state=state)
user_a = create_maintainer(project)
user_b = create_user()
self.client.force_authenticate(user=user_a)
resp = self.client.patch(self.api_url(patch.id),
{'delegate': user_b.id})
self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code)
self.assertContains(resp, "User '%s' is not a maintainer" % user_b,
status_code=status.HTTP_400_BAD_REQUEST)
def test_list(self):
"""Validate we can list the default test project."""
project = create_project()
# anonymous user
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(project, resp.data[0])
# maintainer
user = create_maintainer(project)
self.client.force_authenticate(user=user)
resp = self.client.get(self.api_url())
self.assertEqual(status.HTTP_200_OK, resp.status_code)
self.assertEqual(1, len(resp.data))
self.assertSerialized(project, resp.data[0])
def test_create(self):
"""Ensure creations are rejected."""
patch = {
'project': defaults.project.id,
'submitter': defaults.patch_author_person.id,
'msgid': make_msgid(),
'name': 'test-create-patch',
'diff': 'patch diff',
}
user = create_maintainer(defaults.project)
user.is_superuser = True
user.save()
self.client.force_authenticate(user=user)
resp = self.client.post(self.api_url(), patch)
self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def setUp(self):
defaults.project.save()
self.user = create_maintainer(defaults.project)
self.client.login(username = self.user.username,
password = self.user.username)
self.properties_form_id = 'patchform-properties'
self.url = reverse(
'patchwork.views.patch.list', args = [defaults.project.linkname])
self.base_data = {
'action': 'Update', 'project': str(defaults.project.id),
'form': 'patchlistform', 'archived': '*', 'delegate': '*',
'state': '*'}
self.patches = []
for name in ['patch one', 'patch two', 'patch three']:
patch = Patch(project = defaults.project, msgid = name,
name = name, content = '',
submitter = Person.objects.get(user = self.user))
patch.save()
self.patches.append(patch)
